more nfc

main.py

@@ -38,6 +38,7 @@ if gpie:
     import RPi.GPIO as GPIO
 import pickle
 import psycopg2
+import ndef
 import fido2.webauthn
 from fido2.hid import CtapHidDevice
 from fido2.client import Fido2Client, WindowsClient, UserInteraction
@@ -46,12 +47,14 @@ from getpass import getpass
 import sys
 import ctypes
 from fido2.ctap2 import Ctap2
+from fido2 import cbor
 import nfc
 
 config = configparser.ConfigParser()
 
 config.read('config.ini')
 
+nfc = False
 
 dbusername = config.get('Setup', 'dbusername')
 dbpassword = config.get('Setup', 'dbpassword')
@@ -70,7 +73,9 @@ redLed = 7
 
 door = 40
 
-
+def send_fido2_over_nfc(encoded_message):
+    ndef_message = ndef.Message(ndef.Record('application/fido2', '', encoded_message))
+    return clf.connect(rdwr={'on-connect': lambda tag: tag.ndef.records.append(ndef_message)})
 
 if gpie:
     # badCredentials = False
@@ -110,6 +115,7 @@ def read_nfc_tag():
     clf = None
     try:
         tag = clf.connect(rdwr={'on-connect': lambda tag: False})
+        nfc = True
         return tag.identifier if tag else None
     except Exception as e:
         # print("NFC read error:", e)
@@ -120,6 +126,7 @@ def read_nfc_tag():
             pass
 
 while True:
+    nfc = False
     if gpie:
         GPIO.output(door, GPIO.LOW)
         
@@ -240,8 +247,11 @@ while True:
         request_options, state = server.authenticate_begin(credentials, user_verification=uv)
 
         # Authenticate the credential
+        if not nfc:
             result = client.get_assertion(request_options["publicKey"])
-
+        else:
+            sendme = cbor.encode(credentials)
+            send_fido2_over_nfc(sendme)
         # Only one cred in allowCredentials, only one response.
         result = result.get_response(0)